{"id":33089373,"url":"https://olado.github.io/doT/","last_synced_at":"2025-11-19T11:00:43.547Z","repository":{"id":1297365,"uuid":"1239398","full_name":"olado/doT","owner":"olado","description":"The fastest + concise javascript template engine for nodejs and browsers. Partials, custom delimiters and more. ","archived":false,"fork":false,"pushed_at":"2023-11-02T13:32:48.000Z","size":219,"stargazers_count":5043,"open_issues_count":28,"forks_count":1016,"subscribers_count":158,"default_branch":"master","last_synced_at":"2025-11-11T17:18:53.177Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/olado.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE-DOT.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2011-01-10T20:47:04.000Z","updated_at":"2025-11-05T22:48:43.000Z","dependencies_parsed_at":"2023-07-05T17:15:45.493Z","dependency_job_id":"588fcccc-6bc7-4a38-9b62-3b2d1cac257a","html_url":"https://github.com/olado/doT","commit_stats":{"total_commits":141,"total_committers":16,"mean_commits":8.8125,"dds":"0.34042553191489366","last_synced_commit":"031d3bb7520eed6b93886df2b650b7fce12a7007"},"previous_names":[],"tags_count":9,"template":false,"template_full_name":null,"purl":"pkg:github/olado/doT","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/olado%2FdoT","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/olado%2FdoT/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/olado%2FdoT/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/olado%2FdoT/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/olado","download_url":"https://codeload.github.com/olado/doT/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/olado%2FdoT/sbom","scorecard":{"id":704416,"data":{"date":"2025-08-11","repo":{"name":"github.com/olado/doT","commit":"031d3bb7520eed6b93886df2b650b7fce12a7007"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.3,"checks":[{"name":"Code-Review","score":2,"reason":"Found 5/24 approved changesets -- score normalized to 2","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"License","score":9,"reason":"license file detected","details":["Info: project has a license file: LICENSE-DOT.txt:0","Warn: project license file does not contain an FSF or OSI license."],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 11 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-22T06:06:55.714Z","repository_id":1297365,"created_at":"2025-08-22T06:06:55.714Z","updated_at":"2025-08-22T06:06:55.714Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":284450848,"owners_count":27007475,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-11-14T02:00:06.101Z","response_time":56,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-11-14T17:00:30.635Z","updated_at":"2025-11-19T11:00:43.521Z","avatar_url":"https://github.com/olado.png","language":"JavaScript","funding_links":[],"categories":["Uncategorized"],"sub_categories":["Uncategorized"],"readme":"# doT\n\nCreated in search of the fastest and concise JavaScript templating function with emphasis on performance under V8 and nodejs. It shows great performance for both nodejs and browsers.\n\ndoT.js is fast, small and has no dependencies.\n\n[![Build Status](https://travis-ci.org/olado/doT.svg?branch=v2)](https://travis-ci.org/olado/doT)\n[![npm version](https://img.shields.io/npm/v/dot/beta.svg)](https://www.npmjs.com/package/dot)\n[![Coverage Status](http://coveralls.io/repos/github/olado/doT/badge.svg?branch=v2)](https://coveralls.io/github/olado/doT?branch=v2)\n\n## v2 !!!\n\n[v2.0.0-beta.1](https://github.com/olado/doT/tree/v2) is released - switching recommended!\n\nSee [release notes](https://github.com/olado/doT/releases/tag/v2.0.0-beta.1).\n\nTo install:\n\n```bash\nnpm install dot@beta\n```\n\n## Note from the maintainer\n\ndoT is a really solid piece of software engineering (I didn’t create it) that is rarely updated exactly for this reason.\n\nIt took me years to grasp how it works even though it’s only 140 lines of code - it looks like magic.\n\nI used it in my other projects (e.g. [ajv](https://github.com/epoberezkin/ajv)) as the smallest, the fastest and the most functional (all three!) templating engine ever made, that is particularly useful in all code generation scenarios where manipulating AST is an overkill.\n\nIt’s a race car of templating engines - doT lacks bells and whistles that other templating engines have, but it allows to achive more than any other, if you use it right (YMMV).\n\n\n## Features\n    custom delimiters\n    runtime evaluation\n    runtime interpolation\n    compile-time evaluation\n    partials support\n    conditionals support\n    array iterators\n    encoding\n    control whitespace - strip or preserve\n    streaming friendly\n    use it as logic-less or with logic, it is up to you\n\n## Docs, live playground and samples\n\nhttp://olado.github.com/doT (todo: update docs with new features added in version 1.0.0)\n\n## New in version 1.0.0\n\n#### Added parameters support in partials\n\n```html\n{{##def.macro:param:\n\t\u003cdiv\u003e{{=param.foo}}\u003c/div\u003e\n#}}\n\n{{#def.macro:myvariable}}\n```\n\n#### Node module now supports auto-compilation of dot templates from specified path\n\n```js\nvar dots = require(\"dot\").process({ path: \"./views\"});\n```\n\nThis will compile .def, .dot, .jst files found under the specified path.\nDetails\n   * It ignores sub-directories.\n   * Template files can have multiple extensions at the same time.\n   * Files with .def extension can be included in other files via {{#def.name}}\n   * Files with .dot extension are compiled into functions with the same name and\n   can be accessed as renderer.filename\n   * Files with .jst extension are compiled into .js files. Produced .js file can be\n   loaded as a commonJS, AMD module, or just installed into a global variable (default is set to window.render)\n   * All inline defines defined in the .jst file are\n   compiled into separate functions and are available via _render.filename.definename\n \n   Basic usage:\n ```js\n        var dots = require(\"dot\").process({path: \"./views\"});\n        dots.mytemplate({foo:\"hello world\"});\n ```\nThe above snippet will:\n* Compile all templates in views folder (.dot, .def, .jst)\n* Place .js files compiled from .jst templates into the same folder\n   These files can be used with require, i.e. require(\"./views/mytemplate\")\n* Return an object with functions compiled from .dot templates as its properties\n* Render mytemplate template\n \n#### CLI tool to compile dot templates into js files\n\n\t./bin/dot-packer -s examples/views -d out/views\n\n## Example for express\n\tMany people are using doT with express. I added an example of the best way of doing it examples/express:\n\n[doT with express](examples/express)\n\n## Notes\n    doU.js is here only so that legacy external tests do not break. Use doT.js.\n    doT.js with doT.templateSettings.append=false provides the same performance as doU.js.\n\n## Security considerations\n\ndoT allows arbitrary JavaScript code in templates, making it one of the most flexible and powerful templating engines. It means that doT security model assumes that you only use trusted templates and you don't use any  user input as any part of the template, as otherwise it can lead to code injection.\n\nIt is strongly recommended to compile all templates to JS code as early as possible. Possible options:\n\n- using doT as dev-dependency only and compiling templates to JS files, for example, as described above or using a custom script, during the build. This is the most performant and secure approach and it is strongly recommended.\n- if the above approach is not possible for some reason (e.g. templates are dynamically generated using some run-time data), it is recommended to compile templates to in-memory functions during application start phase, before any external input is processed.\n- compiling templates lazily, on demand, is less safe. Even though the possibility of the code injection via prototype pollution was patched (#291), there may be some other unknown vulnerabilities that could lead to code injection.\n\nPlease report any found vulnerabilities to npm, not via issue tracker.\n\n## Author\nLaura Doktorova [@olado](http://twitter.com/olado)\n\n## License\ndoT is licensed under the MIT License. (See LICENSE-DOT)\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"http://olado.github.io/doT/doT-js-100@2x.png\" alt=\"logo by Kevin Kirchner\"/\u003e\n\u003c/p\u003e\n\nThank you [@KevinKirchner](https://twitter.com/kevinkirchner) for the logo.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/olado.github.io%2FdoT%2F","html_url":"https://awesome.ecosyste.ms/projects/olado.github.io%2FdoT%2F","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/olado.github.io%2FdoT%2F/lists"}